Unrated severityNVD Advisory· Published Jan 16, 2019· Updated Sep 16, 2024
Failure to properly clean up closed OMAPI connections can exhaust available sockets
CVE-2017-3144
Description
A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond their end-of-life (EOL). Releases prior to 4.1.0 have not been tested.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
154.1.0-4.1-ESV-R15, 4.2.0-4.2.8, 4.3.0-4.3.6+ 1 more
- (no CPE)range: 4.1.0-4.1-ESV-R15, 4.2.0-4.2.8, 4.3.0-4.3.6
- (no CPE)range: ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond their end-of-life (EOL). Releases prior to 4.1.0 have not been tested.
- osv-coords13 versionspkg:rpm/opensuse/dhcp&distro=openSUSE%20Tumbleweedpkg:rpm/suse/dhcp&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2pkg:rpm/suse/dhcp&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/dhcp&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/dhcp&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/dhcp&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/dhcp&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/dhcp&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/dhcp&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/dhcp&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/dhcp&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/dhcp&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2pkg:rpm/suse/dhcp&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3
< 4.4.2.P1-2.4+ 12 more
- (no CPE)range: < 4.4.2.P1-2.4
- (no CPE)range: < 4.3.3-10.11.1
- (no CPE)range: < 4.3.3-10.11.1
- (no CPE)range: < 4.2.4.P2-0.28.5.3
- (no CPE)range: < 4.3.3-10.11.1
- (no CPE)range: < 4.3.3-10.11.1
- (no CPE)range: < 4.3.3-10.11.1
- (no CPE)range: < 4.2.4.P2-0.28.5.3
- (no CPE)range: < 4.3.3-10.11.1
- (no CPE)range: < 4.3.3-10.11.1
- (no CPE)range: < 4.2.4.P2-0.28.5.3
- (no CPE)range: < 4.3.3-10.11.1
- (no CPE)range: < 4.3.3-10.11.1
Patches
Vulnerability mechanics
References
6- access.redhat.com/errata/RHSA-2018:0158mitrevendor-advisoryx_refsource_REDHAT
- usn.ubuntu.com/3586-1/mitrevendor-advisoryx_refsource_UBUNTU
- www.debian.org/security/2018/dsa-4133mitrevendor-advisoryx_refsource_DEBIAN
- www.securityfocus.com/bid/102726mitrevdb-entryx_refsource_BID
- www.securitytracker.com/id/1040194mitrevdb-entryx_refsource_SECTRACK
- kb.isc.org/docs/aa-01541mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.